CVE 2007-6206
The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive information.
Related bugs and status
CVE-2007-6206 (Candidate) is related to these bugs:
Bug #153096: [sata_sil][sata->ide-bridg] failed to set xfermode
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 153096 | [sata_sil][sata->ide-bridg] failed to set xfermode | linux-source-2.6.22 (Ubuntu) | High | Fix Released | ||
| 153096 | [sata_sil][sata->ide-bridg] failed to set xfermode | linux (Ubuntu) | High | Fix Released | ||
| 153096 | [sata_sil][sata->ide-bridg] failed to set xfermode | Linux | Medium | Fix Released | ||
Bug #164231: NFS regression causes subsequent mounts from same superblock to silently use previous mount options
Bug #180294: [linux-source] [CVE-2007-6206] local coredump information disclosure vulnerability
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 180294 | [linux-source] [CVE-2007-6206] local coredump information disclosure vulnerability | linux-meta (Ubuntu) | Undecided | Fix Released | ||
Bug #185649: 7.10 support of new AMD PowerNow! (family 0x11 and beyond)
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 185649 | 7.10 support of new AMD PowerNow! (family 0x11 and beyond) | linux-source-2.6.22 (Ubuntu) | Medium | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
